CVE-2000-0921 Information

Description

Directory traversal vulnerability in Hassan Consulting shop.cgi shopping cart program allows remote attackers to read arbitrary files via a .. (dot dot) attack on the page parameter.

Reference

http://archives.neohapsis.com/archives/bugtraq/2000-10/0115.html http://www.osvdb.org/1596 http://www.securityfocus.com/bid/1777 https://exchange.xforce.ibmcloud.com/vulnerabilities/5342